Microsoft Windows XP Manifest Processing Bug Lets Local Users Corrupt the System and Cause the Boot Process to Fail
|
|
SecurityTracker Alert ID: 1003308
|
|
SecurityTracker URL: http://securitytracker.com/id?1003308
|
|
CVE Reference: CVE-2002-2105
(Links to External Site)
|
Updated: May 20 2008
|
Original Entry Date: Jan 21 2002
|
Impact: Denial of service via local system
|
Exploit Included: Yes
|
Description: A denial of service vulnerability was reported in Microsoft's Windows XP operating system. A local user can corrupt the system.
A local user can reportedly cause the operating system to fail to complete the boot process by giving the explorer.exe file invalid
skinning information (*.manifest-file). It is reported that the XML code in the skinning file is not verified by the operating
system. If the manifest file contains invalid code, the application apparently won't start. If the manifest for explorer.exe is
corrupt, the system reportedly will not boot.
It is reported that the Windows XP repair function will not correct the error.
For
more information, see the article posted to german supernatural-forum (German language article):
http://www.supernature-forum.de/vbb/printthread.php?threadid=6458
|
Impact: A local user can cause the boot process to fail.
|
Solution: No solution was available at the time of this entry.
The author of the report suggests using a tool to verify the *.manifests before shutdown.
|
Vendor URL: www.microsoft.com/technet/security/ (Links to External Site)
|
Cause: Exception handling error, Input validation error
|
Underlying OS: Windows (XP)
|
Reported By: mosestycoon <mosestycoon@daybyday.de>
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 21 Jan 2002 13:40:15 -0500
From: mosestycoon <mosestycoon@daybyday.de>
Subject: Skinningfunction (*.manifest) may kill WinXP-system
|
As reported on the german supernatural-forum:
http://www.supernature-forum.de/vbb/printthread.php?threadid=6458
there is the possibility to "kill" an complete WinXP installation bei
simply giving the explorer.exe a corrupt *.manifest-file.
The *.manifest-file is the new skinning information to make the desktop
skinable. The XML-code, written in this file isn't verified at all. So
if there is a simply "stupid" ASCII-Code (really doesn't matter what you
write there) within this file, the application won't start. The worst
case is to make a corrupt explorer.exe.manifest to kick the heart of the
system. After a restart, the system will be halted at the
desktop-background-image without the explorer to start (ever). You even
can't start it manually (task-manager >> new task >> explorer.exe).
The repair-function won't help here either, because there are only
systemfiles checked, not manifest-files.
So be carefull with new skinning tools. This may cause in format c:
Test:
This " " " BUG " " " was tested with a corrupt explorer.exe.manifest
(watch the forum)
Attention:
You don't need specific code! So Virusscanners won't help, cause there
is no specific pattern.
Solution:
Watch the supernatural-forum. They offer a tool to verify the
*.manifests every shutdown...
MosesTycoon
mailto: mosestycoon@daybyday.de
|
|
